CVE-2019-18619

EPSS 0.14%
Veröffentlicht 22.07.2020 14:15:14
Zuletzt bearbeitet 21.11.2024 04:33:22
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-11-15) allows a local user to execute arbitrary code in the enclave (that can compromise confidentiality of enclave data) via APIs that accept invalid pointers.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Synaptics ≫ Vfs75xx Firmware Version5.2.225.26

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version5.2.318.26

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version5.2.524.26

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version5.2.3530.26

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version5.3.3539.26

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version5.5.3.1116

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version5.5.8.1096

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version5.5.10.1093

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version5.5.11.1106

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version5.5.15.1102

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version5.5.38.1058

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version5.5.2734.1050

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version5.5.2811.1050

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version5.6.23.1000

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version6.0.14.1108

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version6.0.32.1104

Synaptics ≫ Vfs75xx Version-

Synaptics ≫ Vfs75xx Firmware Version6.0.42.1107

Synaptics ≫ Vfs75xx Version-

Lenovo ≫ Thinkpad 25 Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad 25 Version-

Lenovo ≫ Thankpad A475 Firmware Version < 5.02.3539.0026

Lenovo ≫ Thankpad A475 Version-

Lenovo ≫ Thankpad A485 Firmware Version < 5.03.3542.0026

Lenovo ≫ Thankpad A485 Version-

Lenovo ≫ Thinkpad E480 Firmware Version < 5.2.321.26

Lenovo ≫ Thinkpad E480 Version-

Lenovo ≫ Thinkpad E580 Firmware Version < 5.2.321.26

Lenovo ≫ Thinkpad E580 Version-

Lenovo ≫ Thinkpad E485 Firmware Version < 5.2.321.26

Lenovo ≫ Thinkpad E485 Version-

Lenovo ≫ Thinkpad E585 Firmware Version < 5.2.321.26

Lenovo ≫ Thinkpad E585 Version-

Lenovo ≫ Thinkpad E490s Firmware Version < 5.2.321.26

Lenovo ≫ Thinkpad E490s Version-

Lenovo ≫ Thinkpad S3 Firmware Version < 5.2.321.26

Lenovo ≫ Thinkpad S3 Version-

Lenovo ≫ Thinkpad E490 Firmware Version < 5.2.321.26

Lenovo ≫ Thinkpad E490 Version-

Lenovo ≫ Thinkpad E590 Firmware Version < 5.2.321.26

Lenovo ≫ Thinkpad E590 Version-

Lenovo ≫ Thinkpad R490 Firmware Version < 5.2.321.26

Lenovo ≫ Thinkpad R490 Version-

Lenovo ≫ Thinkpad R590 Firmware Version < 5.2.321.26

Lenovo ≫ Thinkpad R590 Version-

Lenovo ≫ Thinkpad L480 Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad L480 Version-

Lenovo ≫ Thinkpad L580 Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad L580 Version-

Lenovo ≫ Thinkpad P1 Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad P1 Version-

Lenovo ≫ Thinkpad P1 Gen 2 Firmware Version < 6.0.36.1105

Lenovo ≫ Thinkpad P1 Gen 2 Version-

Lenovo ≫ Thinkpad X1 Extreme 2nd Firmware Version < 6.0.36.1105

Lenovo ≫ Thinkpad X1 Extreme 2nd Version-

Lenovo ≫ Thinkpad P43s Firmware Version < 6.0.36.1105

Lenovo ≫ Thinkpad P43s Version-

Lenovo ≫ Thinkpad P50 Firmware Version < 5.1.338.26

Lenovo ≫ Thinkpad P50 Version-

Lenovo ≫ Thinkpad P51 Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad P51 Version-

Lenovo ≫ Thinkpad P51s (20jx) Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad P51s (20jx) Version-

Lenovo ≫ Thinkpad P51s (20kx) Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad P51s (20kx) Version-

Lenovo ≫ Thinkpad P51s (20hx) Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad P51s (20hx) Version-

Lenovo ≫ Thinkpad P52 Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad P52 Version-

Lenovo ≫ Thinkpad P52s Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad P52s Version-

Lenovo ≫ Thinkpad P53 Firmware Version < 6.0.36.1105

Lenovo ≫ Thinkpad P53 Version-

Lenovo ≫ Thinkpad P53s Firmware Version < 6.0.36.1105

Lenovo ≫ Thinkpad P53s Version-

Lenovo ≫ Thinkpad P70 Firmware Version < 5.1.338.26

Lenovo ≫ Thinkpad P70 Version-

Lenovo ≫ Thinkpad P71 (20hx) Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad P71 (20hx) Version-

Lenovo ≫ Thinkpad P72 Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad P72 Version-

Lenovo ≫ Thinkpad P73 Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad P73 Version-

Lenovo ≫ Thinkpad T25 (20k7) Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad T25 (20k7) Version-

Lenovo ≫ Thinkpad T460p Firmware Version < 5.1.338.26

Lenovo ≫ Thinkpad T460p Version-

Lenovo ≫ Thinkpad T460s Firmware Version < 5.1.338.26

Lenovo ≫ Thinkpad T460s Version-

Lenovo ≫ Thinkpad T470 (20hx) Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad T470 (20hx) Version-

Lenovo ≫ Thinkpad T470 (20jx) Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad T470 (20jx) Version-

Lenovo ≫ Thinkpad T470p Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad T470p Version-

Lenovo ≫ Thinkpad T470s (20hx) Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad T470s (20hx) Version-

Lenovo ≫ Thinkpad T470s (20jx) Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad T470s (20jx) Version-

Lenovo ≫ Thinkpad T480 Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad T480 Version-

Lenovo ≫ Thinkpad T480s Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad T480s Version-

Lenovo ≫ Thinkpad T490 Firmware Version < 6.0.36.1105

Lenovo ≫ Thinkpad T490 Version-

Lenovo ≫ Thinkpad T490s Firmware Version < 6.0.36.1105

Lenovo ≫ Thinkpad T490s Version-

Lenovo ≫ Thinkpad T570 (20hx) Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad T570 (20hx) Version-

Lenovo ≫ Thinkpad T570(20jx) Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad T570(20jx) Version-

Lenovo ≫ Thinkpad T580 Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad T580 Version-

Lenovo ≫ Thinkpad T590 Firmware Version < 6.0.36.1105

Lenovo ≫ Thinkpad T590 Version-

Lenovo ≫ Thinkpad X1 Carbon (20hx) Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad X1 Carbon (20hx) Version-

Lenovo ≫ Thinkpad X1 Carbon (20kx) Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad X1 Carbon (20kx) Version-

Lenovo ≫ Thinkpad X1 Carbon Firmware Version < 5.1.338.26

Lenovo ≫ Thinkpad X1 Carbon Version-

Lenovo ≫ Thinkpad X1 Yoga 4th Gen Firmware Version < 5.1.338.26

Lenovo ≫ Thinkpad X1 Yoga 4th Gen Version-

Lenovo ≫ Thinkpad X1 Extreme Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad X1 Extreme Version-

Lenovo ≫ Thinkpad X1 Tablet Firmware Version < 5.5.40.1058

Lenovo ≫ Thinkpad X1 Tablet Version-

Lenovo ≫ Thinkpad X1 Tablet (20jx) Firmware Version < 5.2.227.26

Lenovo ≫ Thinkpad X1 Tablet (20jx) Version-

Lenovo ≫ Thinkpad X1 Yoga Firmware Version < 5.1.338.26

Lenovo ≫ Thinkpad X1 Yoga Version-

Lenovo ≫ Thinkpad X1 Yoga (20jx) Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad X1 Yoga (20jx) Version-

Lenovo ≫ Thinkpad X1 Yoga 3rd Gen Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad X1 Yoga 3rd Gen Version-

Lenovo ≫ Thinkpad X270 Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad X270 Version-

Lenovo ≫ Thinkpad X280 Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad X280 Version-

Lenovo ≫ Thinkpad X380 Yoga Firmware Version < 5.3.3542.26

Lenovo ≫ Thinkpad X380 Yoga Version-

Lenovo ≫ Thinkpad X390 Firmware Version < 6.0.36.1105

Lenovo ≫ Thinkpad X390 Version-

Lenovo ≫ Thinkpad X390 Yoga Firmware Version < 6.0.36.1105

Lenovo ≫ Thinkpad X390 Yoga Version-

Lenovo ≫ Thinkpad Yoga 370 Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad Yoga 370 Version-

Lenovo ≫ Thinkpad S1 3rd Firmware Version < 5.2.3540.26

Lenovo ≫ Thinkpad S1 3rd Version-

Lenovo ≫ Thinkpad Yoga 260 Firmware Version < 5.1.338.26

Lenovo ≫ Thinkpad Yoga 260 Version-

Lenovo ≫ Thinkpad Yoga S1 Firmware Version < 5.1.338.26

Lenovo ≫ Thinkpad Yoga S1 Version-

Lenovo ≫ Thinkpad A275 Firmware Version < 5.2.3535.26

Lenovo ≫ Thinkpad A275 Version-

Hp ≫ Envy - 13t-ah100 Firmware Version < 5.5.11.1093

Hp ≫ Envy - 13t-ah100 Version-

Hp ≫ Envy - 13t-aq100 Firmware Version < 6.0.39.1111

Hp ≫ Envy - 13t-aq100 Version-

Hp ≫ Envy 13-ah0xxx Firmware Version < 5.5.11.1093

Hp ≫ Envy 13-ah0xxx Version-

Hp ≫ Envy 13-ah1xxx Firmware Version < 5.5.11.1093

Hp ≫ Envy 13-ah1xxx Version-

Hp ≫ Envy 13-aq0xxx Firmware Version < 6.0.39.1111

Hp ≫ Envy 13-aq0xxx Version-

Hp ≫ Envy 13-aq1xxx Firmware Version < 6.0.39.1111

Hp ≫ Envy 13-aq1xxx Version-

Hp ≫ Envy - 17t-bw000 Firmware Version < 5.5.11.1093

Hp ≫ Envy - 17t-bw000 Version-

Hp ≫ Envy - 17t-ce000 Firmware Version < 6.0.39.1111

Hp ≫ Envy - 17t-ce000 Version-

Hp ≫ Envy - 17t-ce100 Firmware Version < 6.0.39.1111

Hp ≫ Envy - 17t-ce100 Version-

Hp ≫ Envy 17-bw0xxx Firmware Version < 5.5.11.1093

Hp ≫ Envy 17-bw0xxx Version-

Hp ≫ Envy 17-ce0xxx Firmware Version < 6.0.39.1111

Hp ≫ Envy 17-ce0xxx Version-

Hp ≫ Envy 17-ce1xxx Firmware Version < 6.0.39.1111

Hp ≫ Envy 17-ce1xxx Version-

Hp ≫ Envy 17m-bw0xxx Firmware Version < 5.5.11.1093

Hp ≫ Envy 17m-bw0xxx Version-

Hp ≫ Envy 17m-ce0xxx Firmware Version < 6.0.39.1111

Hp ≫ Envy 17m-ce0xxx Version-

Hp ≫ Envy 17m-ce1xxx Firmware Version < 6.0.39.1111

Hp ≫ Envy 17m-ce1xxx Version-

Hp ≫ Envy X360 - 15t-cn000 Firmware Version < 5.5.11.1093

Hp ≫ Envy X360 - 15t-cn000 Version-

Hp ≫ Envy X360 - 15t-dr000 Firmware Version < 6.0.39.1111

Hp ≫ Envy X360 - 15t-dr000 Version-

Hp ≫ Envy X360 - 15t-dr000 (validity Fps) Firmware Version < 5.5.26.1102

Hp ≫ Envy X360 - 15t-dr000 (validity Fps) Version-

Hp ≫ Envy X360 - 15t-dr100 Firmware Version < 6.0.39.1111

Hp ≫ Envy X360 - 15t-dr100 Version-

Hp ≫ Envy X360 - 15t-dr100 (validity Fps) Firmware Version < 5.5.26.1102

Hp ≫ Envy X360 - 15t-dr100 (validity Fps) Version-

Hp ≫ Envy 15-cn0xxx X360 Firmware Version < 5.5.11.1093

Hp ≫ Envy 15-cn0xxx X360 Version-

Hp ≫ Envy 15-cn1xxx X360 Firmware Version < 5.5.11.1093

Hp ≫ Envy 15-cn1xxx X360 Version-

Hp ≫ Envy 15-dr0xxx X360 Firmware Version < 6.0.39.1111

Hp ≫ Envy 15-dr0xxx X360 Version-

Hp ≫ Envy 15-dr0xxx X360 (validity Fps) Firmware Version < 5.5.26.1102

Hp ≫ Envy 15-dr0xxx X360 (validity Fps) Version-

Hp ≫ Envy 15-dr1xxx X360 Firmware Version < 6.0.39.1111

Hp ≫ Envy 15-dr1xxx X360 Version-

Hp ≫ Envy 15-dr1xxx X360 (validity Fps) Firmware Version < 5.5.26.1102

Hp ≫ Envy 15-dr1xxx X360 (validity Fps) Version-

Hp ≫ Envy 15m-cn0xxx X360 Firmware Version < 5.5.11.1093

Hp ≫ Envy 15m-cn0xxx X360 Version-

Hp ≫ Envy 15m-dr0xxx X360 Firmware Version < 6.0.39.1111

Hp ≫ Envy 15m-dr0xxx X360 Version-

Hp ≫ Envy 15m-dr0xxx X360 (validity Fps) Firmware Version < 5.5.26.1102

Hp ≫ Envy 15m-dr0xxx X360 (validity Fps) Version-

Hp ≫ Envy 15m-dr1xxx X360 Firmware Version < 6.0.39.1111

Hp ≫ Envy 15m-dr1xxx X360 Version-

Hp ≫ Envy 15m-dr1xxx X360 (validity Fps) Firmware Version < 5.5.26.1102

Hp ≫ Envy 15m-dr1xxx X360 (validity Fps) Version-

Hp ≫ Pavilion X360 - 14t-cd000 Firmware Version < 5.5.11.1093

Hp ≫ Pavilion X360 - 14t-cd000 Version-

Hp ≫ Pavilion X360 - 15t-dq000 Firmware Version < 5.5.8.1116

Hp ≫ Pavilion X360 - 15t-dq000 Version-

Hp ≫ Pavilion X360 - 15t-dq100 Firmware Version < 5.5.8.1116

Hp ≫ Pavilion X360 - 15t-dq100 Version-

Hp ≫ Pavilion X360 14t-cd100 Firmware Version < 5.5.11.1093

Hp ≫ Pavilion X360 14t-cd100 Version-

Hp ≫ Pavilion X360 14t-dh000 Firmware Version < 5.5.8.1116

Hp ≫ Pavilion X360 14t-dh000 Version-

Hp ≫ Pavilion 14-cd1xxx X360 Firmware Version < 5.5.11.1093

Hp ≫ Pavilion 14-cd1xxx X360 Version-

Hp ≫ Pavilion 14-cd2xxx X360 Firmware Version < 5.5.11.1093

Hp ≫ Pavilion 14-cd2xxx X360 Version-

Hp ≫ Pavilion 14-dh0xxx X360 Firmware Version < 5.5.8.1116

Hp ≫ Pavilion 14-dh0xxx X360 Version-

Hp ≫ Pavilion 14m-cd0xxx X360 Firmware Version < 5.5.11.1093

Hp ≫ Pavilion 14m-cd0xxx X360 Version-

Hp ≫ Pavilion 14m-dh0xxx X360 Firmware Version < 5.5.8.1116

Hp ≫ Pavilion 14m-dh0xxx X360 Version-

Hp ≫ Pavilion 15 Firmware Version < 5.5.8.1116

Hp ≫ Pavilion 15 Version-

Hp ≫ Spectre X360 Firmware Version < 5.5.26.1102

Hp ≫ Spectre X360 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.14%	0.343

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-763 Release of Invalid Pointer or Reference

The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.

https://www.synaptics.com/company/blog/

Vendor Advisory

https://support.lenovo.com/us/en/product_security/LEN-31372

Patch

Third Party Advisory

https://support.hp.com/hk-en/document/c06696568

Patch

Third Party Advisory

https://www.synaptics.com/sites/default/files/fingerprint-driver-SGX-security-brief-2020-07-14.pdf

Vendor Advisory

https://www.syssec.wiwi.uni-due.de/en/research/research-projects/analysis-of-tee-software/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-18619

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-18619

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-18619

EUVD